Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/T0pQ-e59plUpCIQFO07uTRkL-FM.roa
File: T0pQ-e59plUpCIQFO07uTRkL-FM.roa (raw, json)
Hash identifier: /986dHVNNvZLFpQy3RhBT+g4KqJ5W9Eyr60KrdvoAYI=
Subject key identifier: 4F:4A:50:F9:EE:7D:A6:55:29:08:84:05:3B:4E:EE:4D:19:0B:F8:53
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019175228728CE8267A30FF276A5A48AEB85
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/T0pQ-e59plUpCIQFO07uTRkL-FM.roa
Signing time: Wed 21 Aug 2024 13:31:22 +0000
ROA not before: Wed 21 Aug 2024 13:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48678
IP address blocks: 45.9.30.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 00:33:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:75:22:87:28:ce:82:67:a3:0f:f2:76:a5:a4:8a:eb:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 21 13:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f4a50f9ee7da655290884053b4eee4d190bf853
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:34:49:a1:e5:e8:a7:26:be:a7:f5:e5:71:59:
e6:d7:3a:e4:d7:6f:b8:d1:59:76:1f:41:a0:c9:e2:
42:f7:ab:24:b8:06:df:b3:08:10:b5:5b:29:2a:bd:
78:36:e5:46:b0:43:08:8c:d4:3a:fa:10:be:b5:6b:
1c:82:d9:0b:f9:4e:ba:9d:39:51:78:2a:1b:df:1d:
78:f9:22:b6:f6:d0:dd:9c:8e:f8:5b:51:9b:12:d1:
12:aa:6b:5b:b8:dd:6f:d6:d6:55:1c:ee:42:b8:a0:
17:96:22:8e:c9:4a:b5:11:3d:2c:a5:bb:5c:65:20:
c8:53:a3:4a:57:cc:26:c6:fb:6c:29:f1:73:ee:c3:
59:a3:aa:94:2d:d2:6b:53:8f:7a:c6:37:2e:da:c6:
d4:15:32:8c:66:d3:95:e9:93:2d:86:33:3a:b3:e9:
d8:43:f7:a7:db:00:99:6b:1d:18:3e:c2:f0:04:16:
62:d7:ca:d6:62:16:8e:fc:0d:f3:e8:e3:c4:dc:55:
bb:c2:b5:bb:17:6a:31:cc:91:a6:74:5f:f6:55:56:
1a:14:6b:0e:8a:b2:0b:ce:03:3f:26:a4:30:fa:a1:
cd:93:ac:01:ac:24:10:e3:12:04:d1:e1:7f:bd:22:
0d:b8:4e:8f:d6:eb:7e:50:e7:69:af:31:59:be:b2:
64:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:4A:50:F9:EE:7D:A6:55:29:08:84:05:3B:4E:EE:4D:19:0B:F8:53
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/T0pQ-e59plUpCIQFO07uTRkL-FM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.30.0/24
45.144.213.0/24
Signature Algorithm: sha256WithRSAEncryption
48:d2:a0:d8:8c:8c:dd:e6:95:b7:5b:c9:20:fc:a1:07:de:97:
2d:87:02:1f:36:27:f2:5b:50:dd:b7:d7:9c:b7:61:4b:bd:1c:
1d:35:f2:a7:07:dc:5b:32:12:b3:27:96:7f:35:cf:46:8e:f7:
cd:0e:27:61:c5:0b:9a:90:96:e8:fc:27:8e:61:34:2c:c9:f1:
87:bd:ea:0b:31:79:12:f1:d6:2d:f3:ec:a4:dc:d6:cb:28:51:
9e:57:96:a6:f5:cd:e4:4a:c5:73:13:6d:0b:50:b9:5d:4c:4c:
a0:00:5c:da:f5:35:cd:95:89:52:7a:97:62:15:82:97:b9:75:
b0:fd:6f:30:77:60:94:7e:cc:c0:e6:ad:2e:19:03:27:fa:20:
c7:c5:6b:6e:f2:84:e2:c5:bd:af:e9:b8:e1:05:d6:74:a1:d9:
c9:79:51:ae:ad:da:28:fc:29:de:be:28:0a:c9:e1:f1:1c:c4:
f5:5e:ca:5c:88:9b:53:81:97:92:7b:f0:5e:01:a0:ca:68:64:
85:3d:b1:af:17:42:bd:12:15:f6:82:15:61:29:bb:fe:e3:71:
90:6a:eb:9d:fd:f0:3e:a2:3b:39:08:2e:4f:b4:c4:9f:8e:cb:
0e:c2:da:a6:54:d4:fd:5f:10:b8:79:ca:a3:3d:0d:4a:fe:6f:
59:18:1b:d5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZF1IocozoJnow/ydqWkiuuFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwODIxMTMzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjRhNTBmOWVlN2RhNjU1MjkwODg0MDUzYjRlZWU0ZDE5MGJmODUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDRJoeXopya+p/XlcVnm1zrk12+4
0Vl2H0GgyeJC96skuAbfswgQtVspKr14NuVGsEMIjNQ6+hC+tWscgtkL+U66nTlR
eCob3x14+SK29tDdnI74W1GbEtESqmtbuN1v1tZVHO5CuKAXliKOyUq1ET0spbtc
ZSDIU6NKV8wmxvtsKfFz7sNZo6qULdJrU496xjcu2sbUFTKMZtOV6ZMthjM6s+nY
Q/en2wCZax0YPsLwBBZi18rWYhaO/A3z6OPE3FW7wrW7F2oxzJGmdF/2VVYaFGsO
irILzgM/JqQw+qHNk6wBrCQQ4xIE0eF/vSINuE6P1ut+UOdprzFZvrJkZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE9KUPnufaZVKQiEBTtO7k0ZC/hTMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvVDBwUS1lNTlwbFVwQ0lRRk8wN3VUUmtMLUZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQkeAwQA
LZDVMA0GCSqGSIb3DQEBCwUAA4IBAQBI0qDYjIzd5pW3W8kg/KEH3pcthwIfNify
W1Ddt9ect2FLvRwdNfKnB9xbMhKzJ5Z/Nc9GjvfNDidhxQuakJbo/CeOYTQsyfGH
veoLMXkS8dYt8+yk3NbLKFGeV5am9c3kSsVzE20LULldTEygAFza9TXNlYlSepdi
FYKXuXWw/W8wd2CUfszA5q0uGQMn+iDHxWtu8oTixb2v6bjhBdZ0odnJeVGurdoo
/CnevigKyeHxHMT1XspciJtTgZeSe/BeAaDKaGSFPbGvF0K9EhX2ghVhKbv+43GQ
auud/fA+ojs5CC5PtMSfjssOwtqmVNT9XxC4ecqjPQ1K/m9ZGBvV
-----END CERTIFICATE-----
Generated at Fri Nov 1 02:42:52 2024 by rpki-client on console-ams.rpki-client.org